Certificate.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 /* DEBUG: section 28 Access Control */
10 
11 #include "squid.h"
12 
13 /* MS Visual Studio Projects are monolithic, so we need the following
14  * #if to exclude the SSL code from compile process when not needed.
15  */
16 #if USE_OPENSSL
17 
18 #include "acl/Certificate.h"
19 #include "acl/FilledChecklist.h"
20 #include "fde.h"
21 #include "globals.h"
22 
23 int
24 Acl::ClientCertificateCheck::match(ACLChecklist * const ch)
25 {
26  const auto checklist = Filled(ch);
27 
28  const int fd = checklist->fd();
29  const bool goodDescriptor = 0 <= fd && fd <= Biggest_FD;
30  auto ssl = goodDescriptor ? fd_table[fd].ssl.get() : nullptr;
31  X509 *cert = SSL_get_peer_certificate(ssl);
32  const bool res = data->match (cert);
33  X509_free(cert);
34  return res;
35 }
36 
37 #endif /* USE_OPENSSL */
38 
Filled
ACLFilledChecklist * Filled(ACLChecklist *checklist)
convenience and safety wrapper for dynamic_cast<ACLFilledChecklist*>
Definition: FilledChecklist.h:146
fd_table
#define fd_table
Definition: fde.h:189
Acl::ClientCertificateCheck::match
int match(ACLChecklist *) override
Matches the actual data in checklist against this Acl::Node.
Definition: Certificate.cc:24
Biggest_FD
int Biggest_FD

 

Introduction

Documentation

Support

Miscellaneous